Ending 2012 with the typical Windows fixes

We come to the last set of updates for 2012, and it’s the usual round of suspects — new Internet Explorer and Windows kernel fixes.

But many Windows users will also see an awkward assortment of reissued patches and a slew of Win8 fixes.

MS12-077 (2761465)

Finishing the year with another browser patch

It would not be Patch Tuesday without another fix for Internet Explorer. Even if you use another browser for your day-to-day Web activities, you should install most (if not all) IE updates. KB 2761465 is rated critical only for Vista SP2 and Windows 7 systems using IE 9, and Windows 8 systems using IE 10.

Microsoft doesn’t give a severity rating for systems using IE 6 through 8. Those versions get the update only for a defense-in-depth measure — they’re not vulnerable to this exploit. The defense-in-depth measure blocks cross-site-scripting attacks, in which an attacker convinces a PC user to paste JavaScript code into the browser’s URL field.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of iNET Interactive. All other marks are the trademarks or service marks of their respective owners.